Skip to content

Commit ee8ac09

Browse files
committed
Update usage of cli package for Action signature
The CLI package recently deprecated Action functions that don't return an error. This commit goes through and finds all usage of us calling os.Exit() by hand and changes it to return an error. This fixes #20.
1 parent 26dff01 commit ee8ac09

6 files changed

Lines changed: 76 additions & 123 deletions

File tree

encrypt.go

Lines changed: 10 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -71,11 +71,10 @@ func generateEcdsa() ([]byte, error) {
7171
return pem.EncodeToMemory(pemBlock), nil
7272
}
7373

74-
func cmdEncryptKey(c *cli.Context) {
74+
func cmdEncryptKey(c *cli.Context) error {
7575
region, err := ec2metadata.New(session.New(), aws.NewConfig()).Region()
7676
if err != nil {
77-
fmt.Printf("Unable to determine our region: %s", err)
78-
os.Exit(1)
77+
return cli.NewExitError(fmt.Sprintf("Unable to determine our region: %s", err), 1)
7978
}
8079
keyId := c.String("key-id")
8180

@@ -88,43 +87,37 @@ func cmdEncryptKey(c *cli.Context) {
8887
key, err = generateRsa()
8988
}
9089
if err != nil {
91-
fmt.Printf("Unable to generate key: %s", err)
92-
os.Exit(1)
90+
return cli.NewExitError(fmt.Sprintf("Unable to generate key: %s", err), 1)
9391
}
9492
ciphertext, err = encryptKey(key, region, keyId)
9593
if err != nil {
96-
fmt.Printf("Unable to generate ecdsa key: %s", err)
97-
os.Exit(1)
94+
return cli.NewExitError(fmt.Sprintf("Unable to generate ecdsa key: %s", err), 1)
9895
}
9996
signer, err := ssh.ParsePrivateKey(key)
10097
if err != nil {
101-
fmt.Printf("Unable to parse generated private key: %s", err)
102-
os.Exit(1)
98+
return cli.NewExitError(fmt.Sprintf("Unable to parse generated private key: %s", err), 1)
10399
}
104100
err = ioutil.WriteFile(c.String("output")+".pub", ssh.MarshalAuthorizedKey(signer.PublicKey()), 0644)
105101
if err != nil {
106-
fmt.Printf("Unable to write new public key: %s", err)
107-
os.Exit(1)
102+
return cli.NewExitError(fmt.Sprintf("Unable to write new public key: %s", err), 1)
108103
}
109104
} else {
110105
ciphertext, err = encryptKeyFromStdin(keyId, region)
111106
if err != nil {
112-
fmt.Printf("Failed to encrypt key: %s", err)
113-
os.Exit(1)
107+
return cli.NewExitError(fmt.Sprintf("Failed to encrypt key: %s", err), 1)
114108
}
115109
}
116110
err = ioutil.WriteFile(c.String("output"), ciphertext, 0644)
117111
if err != nil {
118-
fmt.Printf("Unable to write new encrypted private key: %s", err)
119-
os.Exit(1)
112+
return cli.NewExitError(fmt.Sprintf("Unable to write new encrypted private key: %s", err), 1)
120113
}
114+
return nil
121115
}
122116

123117
func encryptKeyFromStdin(keyId, region string) ([]byte, error) {
124118
keyContents, err := ioutil.ReadAll(bufio.NewReader(os.Stdin))
125119
if err != nil {
126-
fmt.Printf("Unable to read private key: %s", err)
127-
os.Exit(1)
120+
return nil, cli.NewExitError(fmt.Sprintf("Unable to read private key: %s", err), 1)
128121
}
129122
return encryptKey(keyContents, region, keyId)
130123
}

get_cert.go

Lines changed: 11 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ func getCertFlags() []cli.Flag {
2323

2424
return []cli.Flag{
2525
cli.StringFlag{
26-
Name: "environment",
26+
Name: "environment, e",
2727
Value: "",
2828
Usage: "An environment name (e.g. prod)",
2929
},
@@ -39,7 +39,7 @@ func getCertFlags() []cli.Flag {
3939
}
4040
}
4141

42-
func getCert(c *cli.Context) {
42+
func getCert(c *cli.Context) error {
4343

4444
configPath := c.String("config-file")
4545
environment := c.String("environment")
@@ -49,44 +49,37 @@ func getCert(c *cli.Context) {
4949
err := ssh_ca_util.LoadConfig(configPath, &allConfig)
5050
wrongTypeConfig, err := ssh_ca_util.GetConfigForEnv(environment, &allConfig)
5151
if err != nil {
52-
fmt.Println(err)
53-
os.Exit(1)
52+
return cli.NewExitError(fmt.Sprintf("%s", err), 1)
5453
}
5554
config := wrongTypeConfig.(ssh_ca_util.RequesterConfig)
5655

5756
getResp, err := http.Get(config.SignerUrl + "cert/requests/" + certRequestID)
5857
if err != nil {
59-
fmt.Println("Didn't get a valid response", err)
60-
os.Exit(1)
58+
return cli.NewExitError(fmt.Sprintf("Didn't get a valid response: %s", err), 1)
6159
}
6260
getRespBuf, err := ioutil.ReadAll(getResp.Body)
6361
if err != nil {
64-
fmt.Println("Error reading response body", err)
65-
os.Exit(1)
62+
return cli.NewExitError(fmt.Sprintf("Error reading response body", err), 1)
6663
}
6764
getResp.Body.Close()
6865
if getResp.StatusCode != 200 {
69-
fmt.Println("Error getting that request id:", string(getRespBuf))
70-
os.Exit(1)
66+
return cli.NewExitError(fmt.Sprintf("Error getting that request id: %s", string(getRespBuf)), 1)
7167
}
7268

7369
pubKey, _, _, _, err := ssh.ParseAuthorizedKey(getRespBuf)
7470
if err != nil {
75-
fmt.Println("Trouble parsing response", err)
76-
os.Exit(1)
71+
return cli.NewExitError(fmt.Sprintf("Trouble parsing response", err), 1)
7772
}
7873
cert := pubKey.(*ssh.Certificate)
7974
secondsRemaining := int64(cert.ValidBefore) - int64(time.Now().Unix())
8075
if secondsRemaining < 1 {
81-
fmt.Println("This certificate has already expired.")
82-
os.Exit(1)
76+
return cli.NewExitError(fmt.Sprintf("This certificate has already expired."), 1)
8377
}
8478

8579
pubKeyPath, err := findKeyLocally(cert.Key)
8680

8781
if err != nil {
88-
fmt.Println(err)
89-
os.Exit(1)
82+
return cli.NewExitError(fmt.Sprintf("%s", err), 1)
9083
}
9184
pubKeyPath = strings.Replace(pubKeyPath, ".pub", "-cert.pub", 1)
9285
err = ioutil.WriteFile(pubKeyPath, getRespBuf, 0644)
@@ -103,10 +96,10 @@ func getCert(c *cli.Context) {
10396
cmd.Stdin = os.Stdin
10497
err = cmd.Run()
10598
if err != nil {
106-
fmt.Println("Error in ssh-add")
107-
os.Exit(1)
99+
return cli.NewExitError(fmt.Sprintf("Error in ssh-add: %s", err), 1)
108100
}
109101
}
102+
return nil
110103
}
111104

112105
func findKeyLocally(key ssh.PublicKey) (string, error) {

list_requests.go

Lines changed: 11 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -22,23 +22,23 @@ func listCertFlags() []cli.Flag {
2222

2323
return []cli.Flag{
2424
cli.StringFlag{
25-
Name: "environment",
25+
Name: "environment, e",
2626
Value: "",
2727
Usage: "An environment name (e.g. prod)",
2828
},
2929
cli.StringFlag{
30-
Name: "config-file",
30+
Name: "config-file, c",
3131
Value: configPath,
3232
Usage: "Path to config.json",
3333
},
3434
cli.BoolFlag{
35-
Name: "show-all",
35+
Name: "show-all, a",
3636
Usage: "Show certs that have already been signed as well",
3737
},
3838
}
3939
}
4040

41-
func listCerts(c *cli.Context) {
41+
func listCerts(c *cli.Context) error {
4242

4343
configPath := c.String("config-file")
4444
environment := c.String("environment")
@@ -48,25 +48,21 @@ func listCerts(c *cli.Context) {
4848
err := ssh_ca_util.LoadConfig(configPath, &allConfig)
4949
wrongTypeConfig, err := ssh_ca_util.GetConfigForEnv(environment, &allConfig)
5050
if err != nil {
51-
fmt.Println(err)
52-
os.Exit(1)
51+
return cli.NewExitError(fmt.Sprintf("%s", err), 1)
5352
}
5453
config := wrongTypeConfig.(ssh_ca_util.RequesterConfig)
5554

5655
getResp, err := http.Get(config.SignerUrl + "cert/requests")
5756
if err != nil {
58-
fmt.Println("Didn't get a valid response", err)
59-
os.Exit(1)
57+
return cli.NewExitError(fmt.Sprintf("Didn't get a valid response", err), 1)
6058
}
6159
getRespBuf, err := ioutil.ReadAll(getResp.Body)
6260
if err != nil {
63-
fmt.Println("Error reading response body", err)
64-
os.Exit(1)
61+
return cli.NewExitError(fmt.Sprintf("Error reading response body", err), 1)
6562
}
6663
getResp.Body.Close()
6764
if getResp.StatusCode != 200 {
68-
fmt.Println("Error getting listing of certs", string(getRespBuf))
69-
os.Exit(1)
65+
return cli.NewExitError(fmt.Sprintf("Error getting listing of certs", string(getRespBuf)), 1)
7066
}
7167

7268
certs := make(certRequestResponse)
@@ -75,13 +71,11 @@ func listCerts(c *cli.Context) {
7571
if showAll || !respElement.Signed {
7672
rawCert, err := base64.StdEncoding.DecodeString(respElement.CertBlob)
7773
if err != nil {
78-
fmt.Println("Trouble base64 decoding response:", err, respElement.CertBlob)
79-
os.Exit(1)
74+
return cli.NewExitError(fmt.Sprintf("Trouble base64 decoding response:", err, respElement.CertBlob), 1)
8075
}
8176
pubKey, err := ssh.ParsePublicKey(rawCert)
8277
if err != nil {
83-
fmt.Println("Trouble parsing response:", err)
84-
os.Exit(1)
78+
return cli.NewExitError(fmt.Sprintf("Trouble parsing response:", err), 1)
8579
}
8680
cert := *pubKey.(*ssh.Certificate)
8781
env, ok := cert.Extensions["environment@cloudtools.github.io"]
@@ -107,4 +101,5 @@ func listCerts(c *cli.Context) {
107101
}
108102
}
109103
}
104+
return nil
110105
}

request_cert.go

Lines changed: 17 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -44,12 +44,12 @@ func requestCertFlags() []cli.Flag {
4444
Usage: "An environment name (e.g. prod)",
4545
},
4646
cli.StringFlag{
47-
Name: "config-file",
47+
Name: "config-file, c",
4848
Value: configPath,
4949
Usage: "Path to config.json",
5050
},
5151
cli.StringFlag{
52-
Name: "reason",
52+
Name: "reason, r",
5353
Value: "",
5454
Usage: "Your reason for needing this SSH certificate.",
5555
},
@@ -70,20 +70,18 @@ func requestCertFlags() []cli.Flag {
7070
}
7171
}
7272

73-
func requestCert(c *cli.Context) {
73+
func requestCert(c *cli.Context) error {
7474
allConfig := make(map[string]ssh_ca_util.RequesterConfig)
7575
configPath := c.String("config-file")
7676
err := ssh_ca_util.LoadConfig(configPath, &allConfig)
7777
if err != nil {
78-
fmt.Println("Load Config failed:", err)
79-
os.Exit(1)
78+
return cli.NewExitError(fmt.Sprintf("Load Config failed: %s", err), 1)
8079
}
8180

8281
environment := c.String("environment")
8382
wrongTypeConfig, err := ssh_ca_util.GetConfigForEnv(environment, &allConfig)
8483
if err != nil {
85-
fmt.Println(err)
86-
os.Exit(1)
84+
return cli.NewExitError(fmt.Sprintf("%s", err), 1)
8785
}
8886
config := wrongTypeConfig.(ssh_ca_util.RequesterConfig)
8987

@@ -95,8 +93,7 @@ func requestCert(c *cli.Context) {
9593
reason = strings.TrimSpace(reason)
9694
}
9795
if reason == "" {
98-
fmt.Println("Failed to give a reason.")
99-
os.Exit(1)
96+
return cli.NewExitError("Failed to give a reason", 1)
10097
}
10198

10299
caRequest := ssh_ca_client.MakeCertRequest()
@@ -108,22 +105,19 @@ func requestCert(c *cli.Context) {
108105
failed |= trueOnError(caRequest.SetPrincipalsFromString(c.String("principals")))
109106

110107
if failed == 1 {
111-
fmt.Println("One or more errors found. Aborting request.")
112-
os.Exit(1)
108+
return cli.NewExitError("One or more errors found. Aborting request.", 1)
113109
}
114110

115111
var chosenKeyFingerprint, pubKeyComment string
116112
var pubKey ssh.PublicKey
117113
if config.PublicKeyPath != "" {
118114
pubKeyContents, err := ioutil.ReadFile(config.PublicKeyPath)
119115
if err != nil {
120-
fmt.Println("Trouble opening your public key file", config.PublicKeyPath, err)
121-
os.Exit(1)
116+
return cli.NewExitError(fmt.Sprintf("Trouble opening your public key file %s: %s", config.PublicKeyPath, err), 1)
122117
}
123118
pubKey, pubKeyComment, _, _, err = ssh.ParseAuthorizedKey(pubKeyContents)
124119
if err != nil {
125-
fmt.Println("Trouble parsing your public key", err)
126-
os.Exit(1)
120+
return cli.NewExitError(fmt.Sprintf("Trouble parsing your public key: %s", err), 1)
127121
}
128122
chosenKeyFingerprint = ssh_ca_util.MakeFingerprint(pubKey.Marshal())
129123
} else {
@@ -132,39 +126,32 @@ func requestCert(c *cli.Context) {
132126
}
133127

134128
if chosenKeyFingerprint == "" {
135-
fmt.Println("No SSH fingerprint found. Try setting PublicKeyFingerprint in requester config.")
136-
os.Exit(1)
129+
return cli.NewExitError("No SSH fingerprint found. Try setting PublicKeyFingerprint in requester config.", 1)
137130
}
138131

139132
conn, err := net.Dial("unix", os.Getenv("SSH_AUTH_SOCK"))
140133
if err != nil {
141-
fmt.Println("Dial failed:", err)
142-
os.Exit(1)
134+
return cli.NewExitError(fmt.Sprintf("Dial failed: %s", err), 1)
143135
}
144136

145137
signer, err := ssh_ca_util.GetSignerForFingerprint(chosenKeyFingerprint, conn)
146138
if err != nil {
147-
fmt.Println(err)
148-
os.Exit(1)
139+
return cli.NewExitError(fmt.Sprintf("%s", err), 1)
149140
}
150141
switch signer.PublicKey().Type() {
151142
case ssh.KeyAlgoRSA, ssh.KeyAlgoDSA, ssh.KeyAlgoECDSA256, ssh.KeyAlgoECDSA384, ssh.KeyAlgoECDSA521, ssh.KeyAlgoED25519:
152143
default:
153-
fmt.Println("Unsupported ssh key type:", signer.PublicKey().Type())
154-
fmt.Println("We support rsa, dsa and ecdsa. Need golang support for other algorithms.")
155-
os.Exit(1)
144+
return cli.NewExitError(fmt.Sprintf("Unsupported ssh key type: %s\nWe support rsa, dsa, edd25519 and ecdsa. Need golang support for other algorithms.", signer.PublicKey().Type()), 1)
156145
}
157146

158147
caRequest.SetPublicKey(signer.PublicKey(), pubKeyComment)
159148
newCert, err := caRequest.EncodeAsCertificate()
160149
if err != nil {
161-
fmt.Println("Error encoding certificate request:", err)
162-
os.Exit(1)
150+
return cli.NewExitError(fmt.Sprintf("Error encoding certificate request:", err), 1)
163151
}
164152
err = newCert.SignCert(rand.Reader, signer)
165153
if err != nil {
166-
fmt.Println("Error signing:", err)
167-
os.Exit(1)
154+
return cli.NewExitError(fmt.Sprintf("Error signing:", err), 1)
168155
}
169156

170157
certRequest := newCert.Marshal()
@@ -177,8 +164,7 @@ func requestCert(c *cli.Context) {
177164
fmt.Printf("Cert request id: %s\n", requestID)
178165
}
179166
} else {
180-
fmt.Println(err)
181-
os.Exit(1)
167+
return cli.NewExitError(fmt.Sprintf("%s", err), 1)
182168
}
183-
169+
return nil
184170
}

0 commit comments

Comments
 (0)